An Amazon Route53 Alias record is a special DNS record type that maps one domain name to another AWS resource (like CloudFront, ELB, S3 bucket, or another Route53 record) without requiring an IP address resolution in the traditional sense. Unlike standard DNS records, Alias records:
- Are AWS-native and don't exist in conventional DNS systems
- Provide automatic updates when the target resource's IPs change
- Enable zone apex support (naked domains like example.com)
- Have no additional cost for queries
When you create an Alias record pointing to CloudFront, Route53 maintains an internal mapping to CloudFront's edge locations. The DNS resolution process works like this:
1. Client queries Route53 for example.com
2. Route53 checks its internal mapping tables
3. Returns current CloudFront IPs (which may rotate)
4. No traditional DNS propagation occursThe IP addresses you observe in dig results are:
- Actual CloudFront edge server IPs
- Dynamically selected based on AWS's anycast routing
- Subject to change without DNS propagation delays
Example CloudFront IP ranges (which change frequently):
13.32.0.0/15
52.222.0.0/19
99.84.0.0/16Here's how to programmatically create a CloudFront-aligned Alias record:
aws route53 change-resource-record-sets \
--hosted-zone-id Z1D633PEXAMPLE \
--change-batch '{
"Changes": [{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "example.com",
"Type": "A",
"AliasTarget": {
"HostedZoneId": "Z2FDTNDATAQYW2",
"DNSName": "d111111abcdef8.cloudfront.net",
"EvaluateTargetHealth": false
}
}
}]
}'| Feature | Alias Record | Standard A Record |
|---|---|---|
| IP Updates | Automatic | Manual |
| Cost | Free | Charged per query |
| Performance | Optimal routing | Static routing |
Common resolution patterns when debugging:
- Verify CloudFront distribution status (
aws cloudfront get-distribution --id EDFDVBD6EXAMPLE) - Check for correct HostedZoneId (CloudFront always uses Z2FDTNDATAQYW2)
- Confirm DNSName matches your CloudFront domain (*.cloudfront.net)
An Amazon Route53 Alias record is a special DNS record type that allows you to route traffic to AWS resources (like CloudFront distributions, ELBs, or S3 buckets) without using traditional IP-based records. Unlike standard CNAME records, Alias records can be used at the zone apex (root domain) and provide native AWS integration.
- Alias records are AWS-native and don't exist in traditional DNS systems
- They resolve to the current IP addresses of the target AWS service
- Resolution happens at query time, ensuring up-to-date IPs
- No TTL limitations (unlike standard DNS records)
When you query an Alias record pointing to CloudFront, Route53 returns the current edge location IPs. These change because:
# Example CloudFront IP ranges (constantly updated)
13.32.67.0/24
52.222.232.0/24
# And many other ranges across AWS regionsHere's how to create an Alias record using AWS CLI:
aws route53 change-resource-record-sets --hosted-zone-id Z1D633PEXAMPLE \
--change-batch '{
"Changes": [{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "example.com",
"Type": "A",
"AliasTarget": {
"HostedZoneId": "Z2FDTNDATAQYW2",
"DNSName": "d123.cloudfront.net",
"EvaluateTargetHealth": false
}
}
}]
}'| Feature | Alias | CNAME |
|---|---|---|
| Zone apex support | Yes | No |
| AWS service integration | Native | Manual |
| Resolution speed | Faster | Standard |
Use Route53 health checks to monitor your Alias endpoints:
aws route53 create-health-check --caller-reference $(date +%s) \
--health-check-config '{
"IPAddress": "13.32.67.21",
"Port": 80,
"Type": "HTTP",
"ResourcePath": "/",
"RequestInterval": 30
}'